CISNTWK-11 Microsoft Windows 2003 Server

Transcription:

Microsoft Windows 2003 Server

Group Policy

- Microsoft's description of Group Policy: "Group Policy allows you to stipulate users' environments only once, and to rely on the operating system to enforce them thereafter"
- Group Policy is a key component of Active Directory
  - It was introduced with Windows 2000 Server
  - Additional capabilities have been added to Windows Server 2003, although it is virtually 100% backwards compatible with Windows 2000 Group Policy
  - It is stored on Active Directory Domain Controllers only
  - It only affects computers running Windows Server 2003, Windows XP Professional, and Windows 2000, not Windows NT or 9x
- By default, Group Policy affects all computers and all users in an Active Directory
  - Site
  - Domain
  - Organizational Unit (OU)

Group Policy (continued)

- Contrary to what the name implies, Group Policy does not affect security Groups
  - Although this can be accomplished with an Access Control List (ACL)
- Windows 2003/XP/2000 computers also have a Local Policy that defines behavior and/or restrictions for that computer only
  - A Local Policy exists in a Domain environment and a non-domain environment
  - These Local Policies are handled in a special way on Domain Controllers: they exist within the Domain Controller Security Settings on Domain Controllers
- Most of the capabilities of Group Policy require Active Directory
  - Although some of the capabilities of Group Policy are available outside of a Domain environment on Windows 2000, XP Professional, and Windows Server 2003; the features are available by entering GPEDIT.MSC from a command line
  - Although some of the capabilities can be achieved with System Policy [1]

[1] System Policy is part of Windows NT and has been replaced by Group Policy in Windows 2000 (and later)

Group Policy Control

Group Policy allows Administrators to control computers and users with/for

- Administrative Templates
  - Registry based policy, known as System Policy in Windows NT Server 4
  - controls Registry settings for the user (HKEY_CURRENT_USER)
  - controls Registry settings for the computer (HKEY_LOCAL_MACHINE)
  - Group Policy Registry settings are not permanent; they will be backed out when a Group Policy no longer applies
- Folder Redirection (beneath Windows Settings)
  - allows the location of folders (directories) to be specified anywhere in the network for
    - Application Data
    - Desktop
    - My Documents
    - My Pictures
    - Start Menu
- Internet Explorer Maintenance (beneath Windows Settings)
  - allows Internet Explorer to be managed after it has been deployed
- Remote Installation Services (beneath Windows Settings)
  - assists in the deployment of Windows 2003/XP/2000

Group Policy Control (continued)

Group Policy allows Administrators to control computers and users with/for

- Security settings (beneath Windows Settings)
  - controls security settings for domains, computers and users
  - they include
    - Account Policies
      - Password Policy
      - Account Lockout Policy
    - Local Policies
      - Audit Policy
      - User Rights Assignment
      - Security Options
    - Event Log
    - Restricted Groups
    - System Services
    - Registry (keys security)
    - File System (security)
      - access control, audit, and ownership
    - Public Key Policies
    - IP Security Policies on Active Directory

Group Policy Control (continued)

Group Policy allows Administrators to control computers and users with/for

- Security settings (beneath Windows Settings) [continued]
  - controls security settings for domains, computers and users
  - they include
    - Software Restriction Policies
      - introduced with Windows XP Professional
      - included with Windows Server 2003
      - not available on Windows 2000 Domains
    - Wireless Network (IEEE 802.11) Policies
      - introduced with Windows Server 2003
      - not available on Windows 2000 Domains

Group Policy Control (continued)

Group Policy allows Administrators to control computers and users with/for

- Scripts (beneath Windows Settings)
  - that run when the computer starts up and/or when the computer shuts down
  - that run when a user logs on and/or when a user logs off
  - examples of scripts include
    - Windows Scripting Host (WSH) files, such as
      - Visual Basic (.VBS) scripts
      - Java (.JS) scripts
    - batch files with the .bat extension
    - command files with the .cmd extension
    - executable programs with the .exe extension
- Software Installation (beneath Software Settings) [1]
  - used for application deployment, software updates, patches, etc.
  - this is implemented using the Windows Installer technology, which is based on a Microsoft Software Installation (MSI) package file

[1] This topic is outside of scope of this course

Group Policy Concepts

- Group Policy allows the creation of one or more policies at each of the following Active Directory hierarchies
  - Site
  - Domain
  - Organizational Unit (OU)
  - Child OU(s) (an OU can be nested)
- Not all Group Policy options are available at each of the hierarchies
- The collection of settings that is manipulated as a unit is referred to as a Group Policy Object, or GPO
- Each individual policy setting can usually be specified with one of the following settings
  - Not Configured / Not Defined: generally the default; the policy will not be changed (it will remain "as is")
  - Enabled: the policy is in effect (is to be applied)
  - Disabled: the policy is not in effect (will not be applied)

Group Policy Concepts (continued)

- User Accounts and Computer Accounts are the only types of Active Directory objects that receive Group Policy
  - Computer policies are obtained when a computer starts up or shuts down
  - User policies are obtained when a user logs on or logs off
- A Group Policy Object has two halves
  - A Computer Configuration half (also known as Computer policies), which affects only computer accounts
  - A User Configuration half (also known as User policies), which affects only user accounts
- Computer policies affect all users who logon to the computer [1]
- User policies affect the user, regardless of which computer he/she logs on to [1]
- There are some individual policies located in both the Computer Configuration half and the User Configuration half
  - If both halves are defined, then the GPO in the Computer Configuration usually takes precedence

[1] See slide titled Group Policy Application Order for an example

Group Policy Processing

- Group Policy is processed hierarchically in the following order
  - First - Local
  - Second - Site
    - users are affected by Site Policies only when they logon to computers located at a specific Site [1]
  - Third - Domain
  - Fourth - Organizational Unit (OU)
  - Fifth (...) - Child OU (any nesting is done "top to bottom")
- By default, Group Policy is inherited
  - Note: A Group Policy Object in a parent Domain is not inherited by a child Domain
  - A Group Policy Object set at the Site will be in effect at the Domain or OU
  - A Group Policy Object set at the Domain will be in effect at the OU
  - A Group Policy Object set at an OU will be in effect at a child OU
- By default, for any conflicting policies, the one done last wins
  - An OU will win over both the Domain and the Site
  - A child OU will win over a parent OU
  - The Domain will win over the Site

[1] See slide titled Group Policy Site Processing for details

Group Policy Processing (continued)

- The Group Policy objects are applied based on the path leading to the [1]
  - Computer object in Active Directory
  - User object in Active Directory
    - users receive the Site User policies based on the Site location of the computer they logon from
- The following table shows the events and actions that initiate Group Policy

Action or Event     | Corresponding Group Policy That Gets Applied    | Based on the location in Active Directory of the
--------------------|-------------------------------------------------|-------------------------------------------------
Computer starts up  | Computer configuration settings, Startup scripts | Computer object
User logs on        | User configuration settings, Logon scripts       | User object
User logs off       | Logoff scripts                                   | User object
Computer shuts down | Shutdown scripts                                 | Computer object

[1] See slide titled Group Policy Order of Evaluation for details

Group Policy Processing (continued)

- At each Group Policy hierarchy, the following option exists
  - No Override
    - This takes precedence
    - an administrator can set this at a higher level in the hierarchy to prevent administrators at a lower level of the hierarchy from overriding enterprise policy decisions
    - this will prevent lower level Group Policy Objects from overriding a policy set at this level
    - right click on item, and select Properties -> Group Policy -> Options...
- At the Domain and Organizational Unit, the following option exists
  - Block Policy Inheritance
    - this prevents higher level Group Policy Objects from affecting policies set at this level
    - right click on item, and check Properties -> Group Policy -> Block Policy Inheritance
- The No Override takes precedence over Block Policy Inheritance if the two are in conflict

Group Policy Application Order

[Diagram. Labels, in the order they appear: Group Policy processing order for Computer Configuration; Site 1; Group Policy processing order for User Configuration; Domain X; OU A; OU B; Location of Computer Account; OU C; OU D; Location of User Account]

Group Policy Site Processing

- Group Policy at the Site is determined by the location of the computer account
  - The Site Policy is applied from the Site that the computer is located in, which is based on the TCP/IP subnet of the computer
  - The Computer Configuration for the Site GPO is used when the computer is started
  - The User Configuration for the Site GPO is used when a user logs onto that computer
- For example, if User Joe logs onto computer x in Site A
  - The Computer Configuration's GPO for Site A is used when computer x is started
  - The User Configuration's GPO for Site A is used when User Joe logs onto computer x

[Diagram. Labels: Computer x; User Joe's Account; Site A; Site Link; Site B; Domain]

Group Policy Order of Evaluation

[Diagram. Fullerton Site (Group Policy Object GPO A); acme.com Domain (GPO B); OU Engineering (GPO C); OU Hardware (GPO D), containing Computer \\HW4; OU Marketing (GPO E), containing User Sally]

Active Directory Object | Location In Active Directory | Order that Group Policy Object is Applied
------------------------|------------------------------|------------------------------------------
Computer \\HW4          | OU Hardware                  | A then B then C then D
User Sally              | OU Marketing                 | A then B then E

Group Policy Example

Group Policy order of evaluation: Site A, Domain X, OU 1, OU 2

- Site A
  - Policy - Disable and Remove links to Windows Update
- Domain X
  - Policy - Disable Changing Wallpaper (No Override)
  - No Screen Saver
- OU 1
  - Policy - Enable Changing Wallpaper
  - Screen Saver
- OU 2
  - Policy - (Block Policy Inheritance)

Policy in Effect

Policy             | Site A   | Domain X | OU 1     | OU 2
-------------------|----------|----------|----------|---------
Windows Update     | Disabled | Disabled | Disabled | Enabled
Changing Wallpaper | Enabled  | Disabled | Disabled | Disabled
Screen Saver       | Enabled  | Disabled | Enabled  | Enabled

For illustrative purposes only. The user receives these policies based on the computer location within the Site
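The "Policy in Effect" table on the example slide can be derived mechanically from the processing rules on the earlier slides (last one wins, No Override, Block Policy Inheritance). The following model is an added example, not part of the original slides and not Microsoft's implementation; the class and function names are hypothetical. It assumes a feature with no policy applied stays Enabled and that Domain X's two policies are separate GPOs with only the wallpaper one set to No Override.

```python
from dataclasses import dataclass, field

# Assumption: a feature with no policy applied to it stays "Enabled",
# which is how the slide's table reads for Site A.
DEFAULT_STATE = "Enabled"
FEATURES = ["Windows Update", "Changing Wallpaper", "Screen Saver"]


@dataclass
class GPO:
    name: str
    settings: dict              # feature -> "Enabled" or "Disabled"
    no_override: bool = False   # the No Override option on this GPO


@dataclass
class Container:
    name: str                   # Site, Domain, OU or child OU
    gpos: list = field(default_factory=list)
    block_inheritance: bool = False


def applied_gpos(path):
    """GPOs that reach the last container of `path`, in processing order.

    `path` lists containers from the top down: Site, Domain, OU, child OU.
    """
    reaching = []
    for container in path:
        if container.block_inheritance:
            # Block Policy Inheritance discards higher-level GPOs, but
            # No Override takes precedence over it, so those survive.
            reaching = [g for g in reaching if g.no_override]
        reaching.extend(container.gpos)
    return reaching


def effective_policy(path, features=FEATURES):
    """Resolve the feature states in effect at the last container of `path`."""
    gpos = applied_gpos(path)
    state = {feature: DEFAULT_STATE for feature in features}
    # Ordinary GPOs: processed top-down, so the one done last wins.
    for gpo in gpos:
        if not gpo.no_override:
            state.update(gpo.settings)
    # No Override GPOs cannot be overridden from below: apply them afterwards,
    # lowest level first, so the highest-level No Override has the final word.
    for gpo in reversed([g for g in gpos if g.no_override]):
        state.update(gpo.settings)
    return state


def build_slide_example():
    """The Site A / Domain X / OU 1 / OU 2 hierarchy from the example slide."""
    return [
        Container("Site A", [
            GPO("Disable Windows Update", {"Windows Update": "Disabled"}),
        ]),
        Container("Domain X", [
            # Assumption: two separate GPOs, only the first set to No Override.
            GPO("Disable Changing Wallpaper",
                {"Changing Wallpaper": "Disabled"}, no_override=True),
            GPO("No Screen Saver", {"Screen Saver": "Disabled"}),
        ]),
        Container("OU 1", [
            GPO("Enable Changing Wallpaper", {"Changing Wallpaper": "Enabled"}),
            GPO("Screen Saver", {"Screen Saver": "Enabled"}),
        ]),
        Container("OU 2", block_inheritance=True),
    ]


def policy_in_effect_table(path):
    """Policy in effect at every level of `path`, keyed by container name."""
    return {
        path[i].name: effective_policy(path[: i + 1])
        for i in range(len(path))
    }


if __name__ == "__main__":
    for level, state in policy_in_effect_table(build_slide_example()).items():
        print(level, state)
```

The OU 2 column is the one to study when reviewing a real hierarchy: Block Policy Inheritance silently removes the Site's Windows Update restriction, while the Domain's No Override wallpaper setting still applies.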

Group Policy Objects in a Domain

- When a Domain is created, two Group Policy Objects are automatically created
  - To simplify diagnosing Group Policy, they should be left unchanged
  - Create additional Group Policy Objects at that level if you need additional policies
- The following table shows where Group Policy can be applied and default GPOs

Active Directory Object Name | Active Directory Object | Group Policy Supported? | Name of Default Group Policy Object          | Visible only with Advanced Features?
-----------------------------|-------------------------|-------------------------|----------------------------------------------|-------------------------------------
<Name of Domain>             | Domain                  | Yes                     | Default Domain Policy [1]                    | No
Builtin                      | Container               | No                      |                                              | No
Computers                    | Container               | No                      |                                              | No
Domain Controllers           | OU                      | Yes                     | Default Domain Controllers Policy [2] [3]    | No
ForeignSecurityPrincipals    | Container               | No                      |                                              | No
LostAndFound                 | Container               | No                      |                                              | Yes
Program Data [4]             | Container               | No                      |                                              | Yes
System                       | Container               | No                      |                                              | Yes
Users                        | Container               | No                      |                                              | No

[1] Same as Start Menu -> Programs -> Administrative Tools -> Domain Security Policy
[2] Same as Start Menu -> Programs -> Administrative Tools -> Domain Controller Security Policy
[3] The Domain Controller(s) must not be moved outside control of this GPO. Active Directory will fail if they are
[4] Introduced with Windows Server 2003

SYSVOL Share

- Is used to support some Active Directory infrastructure features, such as
  - Logon scripts utilized by
  - Potentially any public files available for the Domain
- Exists only on Windows 2003/2000 Domain Controllers
  - %SystemRoot%\SYSVOL\sysvol (This is the default directory)
  - This share is read only for end-users
- The NETLOGON share is located within the SYSVOL share on Windows 2003/2000
  - The SYSVOL share (indirectly) supports the same features provided by the NETLOGON share
- When a user logs on (authenticates to a Domain Controller), the SYSVOL share for that computer (Domain Controller) is used
  - Windows automatically keeps the SYSVOL shares synchronized for all the Domain Controllers within a Domain using File Replication Service (FRS)
- The SYSVOL Share must be located on an NTFS partition/volume
  - Due to the way FRS functions
  - Because the SYSVOL share is implemented with NTFS Junction Points

The Group Policy Editor

- Administrators manage Group Policy by using a series of Microsoft Management Console (MMC) snap-ins
  - These MMC snap-ins are available on Domain Controllers via Start Menu -> Programs -> Administrative Tools ->...
- You can install Group Policy Management Console (GPMC) to manage all aspects of Group Policy
  - It was made available after the release of Windows Server 2003, and must be downloaded and installed separately [1]
  - It can be used to manage Group Policy in
    - Windows 2000 Domains
    - Windows 2003 Domains
  - It can be installed on a Windows 2003 Server
  - It can be installed on a Windows XP Professional computer [2]

[1] Refer to Resources slide for more details
[2] You must have Service Pack 1 (or later) installed on the Windows XP Professional system

The Group Policy Editor (continued)

- You can install Windows Server 2003 Administration Tools to remotely manage Windows 2003 Domains and Windows 2000 Domains from Windows XP Professional computers [1]
  - The Windows Server 2003 Administration Tools are included with the Windows Server 2003 family
  - You can access the tools using the following methods
    - from the \I386 directory on the Windows Server 2003 media, run the ADMINPAK.MSI installation program
    - from the %SystemRoot%\system32 directory on the Windows 2003 Server, run the ADMINPAK.MSI installation program
- You can install Windows 2000 Administration Tools to remotely manage Windows 2000 Domains from Windows 2000 Professional computers
  - The Windows 2000 Administration Tools are included with Windows 2000 Server (family)
  - From the \I386 directory on the Windows 2000 Server media, run the ADMINPAK.MSI installation program

[1] You must have Service Pack 1 (or later) installed on the Windows XP Professional system

The Group Policy Editor (continued)

- The following MMC snap-ins are available for managing Group Policy for a Domain
  - Active Directory Sites and Services
    - this is used to manage Group Policy at the Site level
    - right click on a Site, and select -> Properties -> Group Policy
  - Active Directory Users and Computers
    - this is used to manage Group Policy at the Domain and OU level
    - right click on a Domain or OU, and select -> Properties -> Group Policy
- To edit the appropriate policies
  - User policies are defined underneath User Configuration within Group Policy
  - Computer policies are defined underneath Computer Configuration within Group Policy
- The following MMC snap-ins are available for managing the local Security Policy on an individual computer or on Domain Controllers
  - Local Security Policy
    - this is used to manage the local Security Policy on non-domain Controllers
  - Domain Controller Security Policy
    - this is used to manage the local Security Policy on Domain Controllers

Resources

Microsoft Knowledge Base (KB)
http://support.microsoft.com (select "Search Knowledge Base" with "Search For" set to "Article ID")

- A Malicious User May Circumvent User Policy, Article ID: 812541
- Best practices for Sysvol maintenance, Article ID: 324175
- Default Behavior for Group Policy Extensions with Slow Link, Article ID: 227369
- Description of the Windows XP Professional Fast Logon Optimization Feature, Article ID: 305293
- Domain Security Policy in Windows 2000, Article ID: 221930
- Expected System and Group Policy Behavior with Windows 2000 Clients, Article ID: 253672
- for Windows 2000 Professional Clients in Windows NT 4.0 Domain or Workgroups, Article ID: 274478

Resources (continued)

Microsoft Knowledge Base (KB)
http://support.microsoft.com (select "Search Knowledge Base" with "Search For" set to "Article ID")

- Group Policy Application Rules for Domain Controllers, Article ID: 259576
- How a Slow Link is Detected for Processing User Profiles and Group Policy, Article ID: 227260
- HOW TO: Delegate Administration of, Article ID: 275715
- HOW TO: Delegate Authority for Editing a Group Policy Object (GPO), Article ID: 221577
- How to Enable User Environment Debug Logging in Retail Builds of Windows, Article ID: 221833
- How to Give Users Access to Group Policy Objects, Article ID: 273857
- HOW TO: How to Modify the Default Group Policy Refresh Interval, Article ID: 203607

Resources (continued)

Microsoft Knowledge Base (KB)
http://support.microsoft.com (select "Search Knowledge Base" with "Search For" set to "Article ID")

- How to Secure Windows in a Non-Domain Environment, Article ID: 269799
- HOW TO: Use the Group Policy Results Tool in Windows 2000, Article ID: 321709
- Loopback Processing of Group Policy, Article ID: 231287
- Overview of Logon, Logoff, Startup, and Shutdown Scripts in Windows 2000, Article ID: 198642
- Registry Settings for Folder Redirection in Windows, Article ID: 242557
- TechNet Support WebCast: Troubleshooting Group Policy and profile issues in a domain environment by using Userenv logging, Article ID: 835302
- Troubleshooting Group Policy Application Problems, Article ID: 250842

Resources (continued)

Microsoft Knowledge Base (KB)
http://support.microsoft.com (select "Search Knowledge Base" with "Search For" set to "Article ID")

- Troubleshooting Group Policy Client-Side Extension Behavior, Article ID: 216358
- Troubleshooting Missing SYSVOL and NETLOGON Shares on Windows 2000 Domain Controllers, Article ID: 257338
- Updates to Restricted Groups Behavior of User-Defined Local Groups, Article ID: 810076
- Upgrading Windows 2000 Group Policy for Windows XP, Article ID: 307900
- Using Secedit.exe to Force Group Policy to Be Applied Again, Article ID: 227448

Resources (continued)

Microsoft Windows Server 2003 resources
http://www.microsoft.com/windows2003 (select Technical Resources -> Technical Overviews, then choose "Index of Windows Server 2003 Technical Articles")

- Administering Group Policy with Group Policy Management Console
  - select the section Management Services
- Introducing the Group Policy Management Console
  - select the section Management Services
- Managing Windows XP Service Pack 2 Features Using Group Policy
  - select the section Management Services
- Migrating GPOs Across Domains with GPMC
  - select the section Management Services

Resources (continued)

Microsoft Windows Server 2003 resources

- GPMC Scripting; Automate GPO management tasks
  http://www.microsoft.com/downloads/details.aspx?familyid=c06516f2-86fd-48ba-8502-970F2DEC0C5A&displaylang=en
- User Data and Settings Management
  http://www.microsoft.com/downloads/details.aspx?familyid=bdf0454f-f002-4857-9290-e1bb98ac2d61&DisplayLang=en
- Using Administrative Template Files with Registry-Based Group Policy
  http://www.microsoft.com/downloads/details.aspx?familyid=652e8fd2-8de0-473e-927D-572A64DF844B&displaylang=en
- Windows Server 2003 Group Policy Infrastructure
  http://www.microsoft.com/downloads/details.aspx?familyid=237b03af-fa8c-4362-8b03-90c47b9b8be2&displaylang=en

Resources (continued)

Microsoft Windows 2000 Server resources
http://www.microsoft.com/windows2000

- Implementing Registry-Based Group Policy white paper
  - select Technical Resources -> How it Works -> Management
- Introduction to Windows 2000 Group Policy
  - select Technical Resources -> How it Works -> Management
- Step-by-Step Guide to Understanding the Group Policy Feature Set
  - select Technical Resources -> Step-by-Step Guides -> Management Services
- Troubleshooting Group Policy in Windows 2000 white paper
  - select Technical Resources -> How it Works -> Management
- User Data and Settings Management
  - select Technical Resources -> Administration -> Management Services
- Windows 2000 Group Policy
  - select Technical Resources -> How it Works -> Management

Resources (continued)

Tools for Windows Server 2003 (and Windows XP Professional)

- Group Policy Management Console with Service Pack 1 (gpmc.msi)
  http://www.microsoft.com/downloads/details.aspx?familyid=0a6d4c24-8cbd-4b35-9272-dd3cbfc81887&displaylang=en
- Group Policy Settings Reference (for Windows Server 2003 with Service Pack 1) (PolicySettings.xls)
  http://www.microsoft.com/downloads/details.aspx?familyid=7821c32f-da15-438d-8e48-45915cd2bc14&displaylang=en

Microsoft Windows 2000 Server Resource Kit

- Group Policy Reference
  - file name GP.CHM (compiled HTML Help file)
  - this is a fully searchable help file with appropriate documentation links to Group Policy
  - this helps out when you know there's a Group Policy that does what you want, but you just can't find the thing in the maze of